General
-
Target
3e02ed068e33bf8b1827f2108fb78224003df70055a6933717f4b8392faf17da.zip
-
Size
848KB
-
Sample
240521-gnyy5agh4z
-
MD5
12039d9b9d34ed9a41d09747754b2d5e
-
SHA1
9678018d6c9c2035d350cc190fff1771c8525acd
-
SHA256
c4c11fcf2af69faa99a1bf46315da9581afe77b16cd2d1cc5b7296d84c05f04d
-
SHA512
08f42d5eee816f53e39b481bb44217f5f5478689ab425c88ea976aa8c0b095c42629f1f1f8a9eb7b759082a5c7f3bd0ab73df23eac3f91ae5b48757094a1149c
-
SSDEEP
12288:+DCWBNsFW4Evt2MOGMUyhsAWW86f5ioeEBV1dHEKbnpq8wXXfLenSVRUiWYB0D3r:+HsFo8M5MUy6nW86RiaKKzonfhUiYQW
Static task
static1
Behavioral task
behavioral1
Sample
3e02ed068e33bf8b1827f2108fb78224003df70055a6933717f4b8392faf17da.exe
Resource
win11-20240419-en
Malware Config
Extracted
agenttesla
Protocol: ftp- Host:
ftp://ftp.svetigeorgije.co.rs - Port:
21 - Username:
[email protected] - Password:
4c5H&b2whkD9
Targets
-
-
Target
3e02ed068e33bf8b1827f2108fb78224003df70055a6933717f4b8392faf17da.exe
-
Size
1.3MB
-
MD5
3303042547cb4d5dc136ffc5784fb9a6
-
SHA1
e4eb7bd9a06e1ee4080140bf0cef295972978a39
-
SHA256
3e02ed068e33bf8b1827f2108fb78224003df70055a6933717f4b8392faf17da
-
SHA512
d251747d91b290195ae2d56e7034eff6dfdfb248b63bb00f18b8321f044941bfca80a357ded22dba7830f74e87928e80d6cc12754b191a4f7579d34c7fbe3809
-
SSDEEP
24576:66EpKkF3Vy05wYK7WUTkH6s5KtDhLZK8/GBRDEMY3y0NjA1d2cO:FPbZ5hLIzBRD18HNjA1drO
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-